Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Well said. It's just a matter of time before Apple Pay becomes huge at least here in the US. Really neat watching these Apple technologies hit the mainstream over time. I remember when FaceTime was first released and no one really knew what it was. Now even little kids know to "FaceTime" with grandpa and grandma. It's literally a new word akin to kleenex or xerox (in the "old" days, of course).
 
Because chip and PIN is required by October, NFC is not.

Chip-and-PIN is not required by October. In October, the liability shifts, so most vendors will be getting chip machines (not because they have to, but because they don't want the risk). Most banks are issuing chip-and-signature cards, so for the most part, the U.S. will still be without chip-and-PIN.

As Apple Pay is more secure than chip-and-signature, it makes more sense to accept Apple Pay to reduce fraud risk than it does to simply install chip machines.
 
I work in banking, and everyone is switching to chip and signature instead of the more secure chip and PIN. The reason? We commissioned study after study and they all said that the average American was simply too stupid to remember their PIN.

This is disturbing at many levels.
Even more so when one considers how well the system works elsewhere already.

I would be interested in seeing the source data supporting this; I'm not questioning the validity your statement itself, only the finding of the study or studies suggesting that the American public would have such a dramatic functional difference from people of other Western nations. I would have to question whether there is some sort of inherent bias in the study construction or interpretation.
 
Regarding Red Cards, those are just target cards. They don't offer Visa cards like they used to, so I don't really care about that. I have no desire in carrying a card that can only be used at one store.

Another benefit of Chip and PIN is online transactions. In europe, online merchants ask for a pin... lot harder for a thief to have your card number AND pin than your card number and zip code.

You brought up and issue that I hadn't even thought of, Square. There are so many Square, and Intuit, and other branded personal readers out there, I wonder if they're going to all have to redevelop to accommodate chip cards. I guess they already hold the seller responsible for any charge backs "guilty by default" as it is, so maybe they don't care?

5% savings using their card can (and has been) certainly make it worthwhile for a lot of people.
 
This is disturbing at many levels.
Even more so when one considers how well the system works elsewhere already.

I would be interested in seeing the source data supporting this; I'm not questioning the validity your statement itself, only the finding of the study or studies suggesting that the American public would have such a dramatic functional difference from people of other Western nations. I would have to question whether there is some sort of inherent bias in the study construction or interpretation.

Supposedly Americans have way more credit cards than elsewhere (though IMO I think the churners/card collectors extremely skew the average), so I can kind of see PIN causing problems. Still, there's nothing stopping people from setting all of their PINs so that they're the same.

At this point though I would be okay with mandating PIN preferring for all debit cards (leaving credit cards as chip and signature) and stop allowing people to cancel out of having to enter it. That has always been a huge WTF for me even though I understand why that's the case.
 
I'm trying to remember how long we have had chip and pin in the UK and the rest of Europe. ok - found it, mandatory since 2006! http://www.chipandpin.co.uk/index.html Amazing that the US are so far behind. I'm guessing there must be some pretty big companies with vested interests in holding the country back.
 
hmmm...
 

Attachments

  • Screen Shot 2015-05-28 at 1.03.33 PM.png
    Screen Shot 2015-05-28 at 1.03.33 PM.png
    645.8 KB · Views: 66
Considering that the USA are usually the most advanced country in the world in just about everything reading this thread is just mind blogging.

I haven't seen anyone signing a credit card bill for over 20 years and those were the days when retailers still kept those carbon copy VISA mechanical machines for the times when your ATM machine didn't work perfectly (phone line problems). If it worked (and it usually did) you swiped and inserted the PIN.

A few years later it changed to chip and PIN (year 2000? before? I don't even remember) and ATM machines started to use GSM instead of the phone line which was nice for restaurants, ticket counters and just about everything because since then the retailer just gives you the machine for you to do the payment.

Nowadays cards have band, chip and NFC chip but NFC rollout has been kind of slow.
 
5% savings using their card can (and has been) certainly make it worthwhile for a lot of people.

Keeping Target out of my checking account has and always will be worth more than a 5% savings to me.


Regarding Target's adoption of Apple Pay, my local stores in NC have had these new terminals for months and months, what is the hold up exactly?

And our Walmart's as well. If I try to swipe a chip card, new Amex, it declines it and asks me to insert it. They are already using the new system. Had to sign for a purchase over $25.

Also just received a new Barclays card, it had to have a pin set. So I'm glad the banks are using different rules. :rolleyes: Not only do I need to remember a pin number, I have to remember which card has one and what it is, because its probably pretty dumb to use the same PIN for all cards even though I am sure that is what I will end up doing. :rolleyes::cool:
 
Interestingly, I used my new chip card there the other day. Now, the process didn't (yet) seem straight forward and took longer than swiping and signing, but ... at least their system is now able to accept the chip cards. It was the first place I'd been able to use it :)

None of my credit cards have updated to chip and pin yet. I can use Apple pay though.
 
Keeping Target out of my checking account has and always will be worth more than a 5% savings to me.
Are you aware that you don't have to use the Red DEBIT Card? They have a Red CREDIT card that offers the same 5% savings. No link to your checking account required.
 
Are you aware that you don't have to use the Red DEBIT Card? They have a Red CREDIT card that offers the same 5% savings. No link to your checking account required.

They also have a Amex-based prepaid card that you can load from another credit card. It's like the Amex Serve/Walmart Bluebird card, but can be reloaded at the register from various sources and has the 5% Red Card discount. You could always just load it up and use it like a glorified gift card:

https://amex.serve.com/prepaidredcard/

Since it's based on generally the same program as the Amex Serve card, it could also act as a check-less checking account - direct deposit, bill pay, and ATM access.
 
I've personally upgraded Target retail locations in my area with the Chip-and-Pin several months ago. Unless they have thousands of stores across the United States yet to upgrade, I can't see why it should take much longer to accept :apple:Pay. If anything his comments surprised me that Target hasn't yet at least enabled NFC at all locations.

Target was very secure installing the new pin pads and return of the pads that were removed from the sites during the upgrades, requesting photos of boxed items etc, to be shipped back via their own in house delivery system. Typically other retailers have a technician remove or replace an old pin pad and have the tech take responsibility for returning the pin pad with a pre paid waybill label.

A bunch of you are missing a big detail: They are moving to chip and pin "cards"

Meaning they are moving their Red Cards over to chip and pin, and they don't want distractions from getting that done. It's not that they haven't gotten the new machines in, it's that their own services are not upgraded to use them yet.
 
My wife and I have refused to shop at Target since their breach. In the one exception, we paid cash.

After a breach that massive, where so many systems were compromised, I don't have much confidence that they were able to completely sanitize their credit card processing infrastructure.

It's too likely that something is still lurking in a dark corner of their network. I'm not using a credit card at Target unless it is something I can invalidate with little or no hassle.

Lol. Cash is for suckers

----------

Can I ask you something? When October 2015 comes around, will we all be required to insert our credit card and use the chip portion, or will I still be swiping my card?
I work for a credit card company in the fraud department. I can verify there are some inconsistencies in the article and in the replies.

First, any U.S.-issued EMV cards will likely be Chip-and-Signature.

Second, Chip-and-Signature cards will slightly help to reduce the number of numbers compromised in a massive breach. U.S.-issued EMV cards still have magnetic strips, which can easily be read with a skimmer, and all cards are still at risk from something as simple as a waiter at a restaurant writing down your number. Largely, EMV cards are still a joke, and will prove to be a short-term solution until NFC and biometrics is widely adopted.

If you haven't seen an EMV card, I'm very surprised. My cards from American Express, Capital One, and USAA are all EMV cards. If you don't have one, yet, expect to receive one by October, when the liability shift to merchants takes place.

In my opinion, Apple Pay is the absolute most secure way to purchase anything with a credit or debit card. Tokenization pretty much removes the risk of your number being stolen in a massive breach. It's a shame so many companies are so slow in accepting this form of payment.

Another thing that consumers should demand is that our cards are never out of our sight. Restaurants are the largest culprit of this old-fashioned theft. We need to adopt Europe's practice of card swipes being performed table-side as soon as possible.

I will also warn everyone that, as card numbers become more secure year after year (hopefully), it will open up more cases of identity theft as card thieves become more desperate for these numbers.

It's a never-ending game of cat and mouse.
 
Pathetic because Apple Pay is already more secure than Chip and Pin. And faster.

Exactly.

Also - how many people in the U.S. even have a chip and PIN card at the moment, vs. how many have an iPhone 6 or 6+? And even if I did have a chip and PIN card, I'd still rather just carry around a phone that contains all of my payment info rather than a phone plus a wallet full of cards.
 
I work for a credit card company in the fraud department. I can verify there are some inconsistencies in the article and in the replies.

First, any U.S.-issued EMV cards will likely be Chip-and-Signature.

Second, Chip-and-Signature cards will slightly help to reduce the number of numbers compromised in a massive breach. U.S.-issued EMV cards still have magnetic strips, which can easily be read with a skimmer, and all cards are still at risk from something as simple as a waiter at a restaurant writing down your number. Largely, EMV cards are still a joke, and will prove to be a short-term solution until NFC and biometrics is widely adopted.

If you haven't seen an EMV card, I'm very surprised. My cards from American Express, Capital One, and USAA are all EMV cards. If you don't have one, yet, expect to receive one by October, when the liability shift to merchants takes place.

In my opinion, Apple Pay is the absolute most secure way to purchase anything with a credit or debit card. Tokenization pretty much removes the risk of your number being stolen in a massive breach. It's a shame so many companies are so slow in accepting this form of payment.

Another thing that consumers should demand is that our cards are never out of our sight. Restaurants are the largest culprit of this old-fashioned theft. We need to adopt Europe's practice of card swipes being performed table-side as soon as possible.

I will also warn everyone that, as card numbers become more secure year after year (hopefully), it will open up more cases of identity theft as card thieves become more desperate for these numbers.

It's a never-ending game of cat and mouse.

The magnetic strip isn't a problem. In the typical European implementation the retailer won't accept the magnetic stripe and doing so invokes a higher degree of risk on the retailer.

Online transactions require a one-time code through a code generator or phone.

A more common form of fraud is stealing the number and using it abroad - Nigeria or Russia, but ultimately the loss is realized in the foreign country.

However, chip and PIN plus a one time code for online really puts a damper on credit card fraud
 
My local Target has NFC readers that they've switched off, so saying they'd love to do it right now is ********.

I know you were being snarky, but apparently you've never rolled out something like this. It seems like common sense, please don't take offense but in my field of work it is, that just because the hardware front end is there doesn't mean anything. There is SO much that needs to go on behind the scenes to actually support it. Think of it like an iceberg. You're only seeing 10% completed, the easiest 10% at that. The other 90% is the crap you have only one shot at getting right.
 
Keeping Target out of my checking account has and always will be worth more than a 5% savings to me.


Regarding Target's adoption of Apple Pay, my local stores in NC have had these new terminals for months and months, what is the hold up exactly?

And our Walmart's as well. If I try to swipe a chip card, new Amex, it declines it and asks me to insert it. They are already using the new system. Had to sign for a purchase over $25.

Also just received a new Barclays card, it had to have a pin set. So I'm glad the banks are using different rules. :rolleyes: Not only do I need to remember a pin number, I have to remember which card has one and what it is, because its probably pretty dumb to use the same PIN for all cards even though I am sure that is what I will end up doing. :rolleyes::cool:

Not sure how they would be in anyone's checking account when it comes to their credit card. But saving a hundred dollars or so for basically nothing (and not exposing your credit or debit cards to Target in the process) seems like a petty good deal for many.

----------

Lol. Cash is for suckers

----------

Can I ask you something? When October 2015 comes around, will we all be required to insert our credit card and use the chip portion, or will I still be swiping my card?

Cash is legal tender and not really linked to the person that uses it. Still one of the top payment methods in many instances.
 
Can I ask you something? When October 2015 comes around, will we all be required to insert our credit card and use the chip portion, or will I still be swiping my card?

If you have a chip in the card, you will have to insert the card. If the merchant accepts a card swipe instead, they will be liable for fraud.

When I've used my chipped card at Wal-Mart, the reader rejected a card swipe immediately, with a message to insert the card instead.
 
And assuming it is a four digit number which the dude behind me will know looking over my shoulder, I'm not sure it is secure.
How often do you hear the guy in front of you recite his home phone number out loud to the cashier when they ask for a loyalty card? Gives me the willies. I think Apple will add loyalty cards to ApplePay soon, so your simple Apple Pay transaction will automatically get it put on your loyalty card in one step.
 
They're using end-to-end encryption now from my understanding, and EMV will further help the situation.

Unfortunately, it's still not completely end-to-end: the card information is still resident in memory on the point-of-sale terminal, for a brief period. Even with EMV, that's true.

And that's why the Target breach was so insidious: the POS terminals were compromised, and the card information was captured during the brief period it was in RAM.
 
How often do you hear the guy in front of you recite his home phone number out loud to the cashier when they ask for a loyalty card? Gives me the willies. I think Apple will add loyalty cards to ApplePay soon, so your simple Apple Pay transaction will automatically get it put on your loyalty card in one step.

What can a phone number do?
 
I work for a credit card company in the fraud department. I can verify there are some inconsistencies in the article and in the replies.

Thanks for posting this. It's a succinct summary of what will be happening in the US, and the opportunity for fraud that remains.

----------

The rub is that without a PIN, using the chip card outside the US becomes difficult. I think it's too soon to say how long it will take to get Apple Pay everywhere at the international level.

If I remember correctly, it's only Wells Fargo that's offering the PIN option.

I have a Wells Fargo card with a PIN. But, it's a SECONDARY form of authentication. The PRIMARY form of authentication is still a signature, unless the card is used at an unattended terminal.

In practice, it didn't work for me in Europe. When I tried to use the card at an unattended terminal, the transaction failed -- just like a different card that had no PIN. Fortunately, the terminal (a gas pump) accepted cash.

----------

With two exceptions, everywhere I've used Apple Pay has required me to either enter my card's PIN (for my debit) or sign (for my credit). Apple Pay may be more secure, but the merchants haven't caught up.

This is actually the terminal, not the merchant.

As far as the terminal is concerned, you used a contactless card. It doesn't know that you authenticated the transaction on your phone with a fingerprint. So, it requires a signature or PIN, depending on your physical card.

The EMV specification has a field to specify the authentication required at the terminal, and a possible value is "none". But, I don't know if Apple Pay uses that, or if any terminals recognize it.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.